Preliminary Amendment - First Action Not Yet Received

This listing of claims will replace all prior versions, and listings, of claims in the application. 
Listing of Claims: 

1. (original) A method for improving processor virtualization in x86 processor architectures
and their equivalents, including but not limited to the IA32 architecture, said method comprising 
removing, replacing, or supplementing one or more predefined instructions in a guest operating 
system that adversely affect virtualization for a virtual machine operating on an x86 processor. 

2. (original) The method of claim 1 wherein said one or more instructions, include a 
member of the following group of instructions: PUSH CS, PUSH SS, MOV from SS, CALLF, 
VERR, VERW, and LAR. 

3. (original) The method of claim 1 wherein an instruction that adversely affects 
virtualization on an x86 processor is either replaced with or supplemented by a synthetic 
instruction that causes an exception in the x86 processor that is then trapped by a virtual machine 
running on said x86 processor for processing by said virtual machine. 

4. (original) The method of claim 3 wherein, for a first virtual machine running on a second 
virtual machine, an instruction that is either replaced with or supplemented by a synthetic 
instruction to cause an exception in the x86 processor that is then trapped by said first virtual 
machine running on said x86 processor for processing by said virtual machine by effectively by- 
passing said second virtual machine. 

5. (original) The method of claim 3 wherein said synthetic instruction is usable in both a 
user mode and a privileged mode. 

6. (original) The method of claim 3 wherein said synthetic instruction has no corollary to 
an existing x86 instruction.

7. (original) The method of claim 3 wherein said synthetic instruction is an instruction for
disabling direct execution (e.g., VMDXDSBL). 

8. (original) The method of claim 3 wherein said synthetic instruction is an instruction for 
enabling (or re-enabling) direct execution (e.g., VMDXENBL). 

9. (original) The method of claim 3 wherein, for an instruction that is replaced with a 
synthetic instruction, the synthetic instruction is semantically similar to the instruction that is 
being replaced. 

10. (original) The method of claim 9 wherein an instruction of less than five bytes in length 
is replaced with a synthetic instruction of at least five bytes in length (e.g., to facilitate patching). 

11. (original) The method of claim 10 wherein an STI instruction is replaced with a synthetic
instruction that is at least five bytes long (e.g., VMSTI). 

12. (original) The method of claim 10 wherein a CLI instruction is replaced with a synthetic 
instruction that is at least five bytes long (e.g., VMCLI). 

13. (original) The method of claim 3 wherein a CPUID instruction in the guest operating 
system is replaced with a synthetic instruction (e.g., VMCPUID) that reads virtualized CPUID 
information. 

14. (original) The method of claim 3 wherein at least one multi-processor spin lock 
instruction in the guest operating system is supplemented with a synthetic instruction (e.g., 
VMSPLAF) for determining when a spin lock acquisition has failed.

15. (original) The method of claim 3 wherein a PUSHF(D) instruction in the guest operating
system is replaced with a synthetic instruction (e.g., VMPUSHFD) that pushes IF onto a stack. 

16. (original) The method of claim 3 wherein a POPF(D) instruction in the guest operating 
system is replaced with a synthetic instruction (e.g., VMPOPFD) that pops IF off of a stack. 

17. (original) The method of claim 3 wherein an instruction that modifies a descriptor table 
entry in the guest operating system is replaced with a synthetic instruction (e.g., VMWRDESC) 
that updates the descriptor table entry, avoiding overheads associated with maintaining shadow 
descriptor tables. 

18. (original) The method of claim 3 wherein an SGDT instruction in the guest operating
system is replaced with a synthetic instruction (e.g., VMSGDT) that stores a current GDT base 
and length to EAX. 

19. (original) The method of claim 3 wherein a SLDT instruction in the guest operating 
system is replaced with a synthetic instruction (e.g., VMSLDT) that stores the current LDT 
selector to EAX. 

20. (original) The method of claim 3 wherein a SIDT instruction in the guest operating 
system is replaced with a synthetic instruction (e.g., VMSIDT) that stores the current IDT base 
and length to EAX. 

21. (original) The method of claim 3 wherein a STR instruction in the guest operating
system is replaced with a synthetic instruction (e.g., VMSTR) that stores the current TR selector 
to EAX. 

22. (original) The method of claim 3 wherein a CLI instruction in the guest operating 
system is replaced with a synthetic instruction (e.g., VMCLI) that clears a virtualized IF.

23. (original) The method of claim 3 wherein a STI instruction in the guest operating system
is replaced with a synthetic instruction (e.g., VMSTI) that sets a virtualized IF. 

24. (original) The method of claim 3 wherein a synthetic instruction for halting the processor 
(e.g., VMHALT) can be executed as user-level guest code. 

25. (original) A method for an operating system to determine whether it is running on a 
virtualized processor or running directly on an x86 processor, said method comprising: 

executing a synthetic instruction (e.g., VMCPUID) for returning a value representing an 
identity for the central processing unit; 

if a value is returned, then concluding that the operating system is running on a 
virtualized processor, and thereafter utilize synthetic instructions; and 

if an exception occurs, then concluding that the operating system is running directly on 
an x86 processor, and thereafter refrain from utilizing synthetic instructions. 

26. (original) The method of claim 25 further comprising, if a value is returned, then 
accessing or modifying features or behaviors of the underlying virtual machine monitor. 

27. (original) The method of claim 25 wherein the hexadecimal operation code for said 
synthetic instruction is 0F C7 C8 01 00.

28. (original) A method for improving operating system code for efficient patching of 
trappable instructions using a long JMP instruction, said method comprising the step of, in the 
guest operating system, locating instances of trappable instructions that are less than five bytes 
long (e.g., STI and CLI instructions that run within ring-0 code) and replace these trappable 
instructions with corresponding synthetic instructions that are at least five bytes long (e.g., 
VMSTI and VMCLI respectively).

29. (original) A system for processing synthetic instructions on x86 processor architectures
and their equivalents, including but not limited to the IA32 architecture, said system comprising 

a subsystem for trapping said synthetic instructions issued by a guest operating system 
after said synthetic instructions cause an exception in the x86 processor; and 

a subsystem for processing said synthetic instructions for the guest operating system. 

30. (original) The system of claim 29 further comprising a subsystem whereby a synthetic 
instruction (e.g., VMSPLAF) for determining when a spin lock acquisition has failed is trapped 
and processed. 

31. (original) The system of claim 29 further comprising a subsystem for processing a
synthetic instruction (e.g., VMPUSHFD) for pushing an IF onto a stack. 

32. (original) The system of claim 29 further comprising a subsystem for processing a 
synthetic instruction (e.g., VMPOPFD) for popping an IF off of a stack. 

33. (original) The system of claim 29 further comprising a subsystem for processing a 
synthetic instruction (e.g., VMWRDESC) that updates the descriptor table entry, avoiding 
overheads associated with maintaining shadow descriptor tables. 

34. (original) The system of claim 29 further comprising a subsystem for processing a 
synthetic instruction (e.g., VMSGDT) for storing the current GDT base and length to EAX. 

35. (original) The system of claim 29 further comprising a subsystem for processing a 
synthetic instruction (e.g., VMSLDT) for storing the current LDT selector to EAX. 

36. (original) The system of claim 29 further comprising a subsystem for processing a 
synthetic instruction (e.g., VMSIDT) for storing the current IDT base and length to EAX.

37. (original) The system of claim 29 further comprising a subsystem for processing a
synthetic instruction (e.g., VMSTR) for storing the current TR selector to EAX. 

38. (original) The system of claim 29 further comprising a subsystem for processing a 
synthetic instruction (e.g., VMCLI) for clearing a virtualized IF. 

39. (original) The system of claim 29 further comprising a subsystem for processing a 
synthetic instruction (e.g., VMSTI) for setting a virtualized IF. 

40. (original) The system of claim 29 further comprising a subsystem for processing a 
synthetic instruction for halting the processor (e.g., VMHALT) can be executed as user-level 
guest code. 

41. (original) The system of claim 29 further comprising a subsystem for determining 
whether said system is running on a virtualized processor or running directly on an x86 
processor, said subsystem comprising: 

a subsystem for executing a synthetic instruction (e.g., VMCPUID) for returning a value 
representing an identity for features supported by the central processing unit; and 

a subsystem for determining if a value is returned and (a) if so, concluding that the 
operating system is running on a virtualized processor, and thereafter utilize synthetic 
instructions, and (b) if not, concluding that the operating system is running directly on an x86 
processor, and thereafter refrain from utilizing synthetic instructions. 

42. (original) The system of claim 41 further comprising a subsystem for accessing or 
modifying features or behaviors of the underlying virtual machine monitor if a value is returned. 

43. (original) The system of claim 41 wherein the hexadecimal operation code for said 
synthetic instruction is 0F C7 C8 01 00.

44. (original) The system of claim 29 wherein said synthetic instructions comprise a
synthetic instruction for disabling direct execution (e.g., VMDXDSBL). 

45. (original) The system of claim 29 wherein said synthetic instructions comprise a 
synthetic instruction for enabling (or re-enabling) direct execution (e.g., VMDXENBL). 

46. (original) The system of claim 29 wherein said synthetic instructions comprise: 
a synthetic instruction (e.g., VMPUSHFD) for pushing an IF onto a stack; and 
a synthetic instruction (e.g., VMPOPFD) for popping an IF off of a stack. 

47. (original) The system of claim 46 wherein said synthetic instructions further comprise: 
a synthetic instruction (e.g., VMSGDT) for storing the current GDT base and length to
EAX;
a synthetic instruction (e.g., VMSLDT) for storing the current LDT selector to EAX;
a synthetic instruction (e.g., VMSIDT) for storing the current IDT base and length to
EAX; and
a synthetic instruction (e.g., VMSTR) for storing the current TR selector to EAX.

48. (original) The system of claim 46 wherein said synthetic instructions further comprise: 
a synthetic instruction (e.g., VMCLI) for clearing a virtualized IF; and 

a synthetic instruction (e.g., VMSTI) for setting a virtualized IF. 

49. (original) The system of claim 46 wherein said synthetic instructions further comprise a 
synthetic instruction for determining when a spin lock acquisition has failed is trapped and 
processed. 

50. (original) The system of claim 46 wherein said synthetic instructions further comprise a 
synthetic instruction (e.g., VMCPUID) for returning a value representing an identity for the 
central processing unit. 



DOCKET NO.: MSFT-2570/305 147.01 PATENT 
Application No.: 10/685,051

51. (original) The system of claim 50 wherein the hexadecimal operation code for said
synthetic instruction is 0F C7 C8 01 00.

52. (original) A computer-readable medium comprising computer-readable instructions for 
improving processor virtualization in x86 processor architectures and their equivalents, including 
but not limited to the IA32 architecture, said computer-readable instructions comprising 
synthetic instruction that causes an exception in the x86 processor that is then trapped by a 
virtual machine monitor running on said x86 processor for processing by said virtual machine 
monitor. 

53. (currently amended) The computer-readable instructions of claim 52 further comprising 
instructions whereby [[method of claim 46 wherein]] at least one multi-processor spin lock
instruction in the guest operating system is supplemented with a synthetic instruction (e.g., 
VMSPLAF) for determining when a spin lock acquisition has failed. 

54. (currently amended) The computer-readable instructions of claim 52 [[46]] further 
comprising a synthetic instruction (e.g., VMCPUID) for returning a value representing an 
identity for the central processing unit.

55. (currently amended) The computer-readable instructions of claim 52 [[46]] further 
comprising a synthetic instruction (e.g., VMPUSHFD) that pushes IF onto a stack. 

56. (currently amended) The computer-readable instructions of claim 52 [[46]] further 
comprising a synthetic instruction (e.g., VMPOPFD) that pops IF off of a stack. 

57. (currently amended) The computer-readable instructions of claim 52 [[46]] further 
comprising a synthetic instruction (e.g., VMSGDT) that stores the current GDT base and length 
to EAX.

58. (currently amended) The computer-readable instructions of claim 52 [[46]] further
comprising a synthetic instruction (e.g., VMSLDT) that stores the current LDT selector to EAX. 

59. (currently amended) The computer-readable instructions of claim 52 [[46]] further 
comprising a synthetic instruction (e.g., VMSIDT) that stores the current IDT base and length to
EAX. 

60. (currently amended) The computer-readable instructions of claim 52 [[46]] further 
comprising a synthetic instruction (e.g., VMSTR) that stores the current TR selector to EAX. 

61. (currently amended) The computer-readable instructions of claim 52 [[46]] further 
comprising a synthetic instruction (e.g., VMCLI) that clears a virtualized IF. 

62. (currently amended) The computer-readable instructions of claim 52 [[46]] further 
comprising a synthetic instruction (e.g., VMSTI) that sets a virtualized IF. 

63. (currently amended) The computer-readable instructions of claim 52 [[46]] further 
comprising instructions for determining whether said instructions are running on a virtualized 
processor or running directly on an x86 processor, said instructions comprising: 

instructions for executing a synthetic instruction for returning a value representing an 
identity for the central processing unit; and

instructions for determining if value corresponding to an identity for the central 
processing unit is returned and (a) if so, utilizing synthetic instructions, and (b) if not, suspending 
use of synthetic instructions. 

64. (original) The computer-readable instructions of claim 63 wherein the hexadecimal 
operation code for said synthetic instruction is 0F C7 C8 01 00.

65. (currently amended) A system for processing synthetic instructions when executing on
x86 processor architectures and their equivalents, including but not limited to the IA32 
architecture, said system [[methods]] comprising:

removing, replacing, or supplementing instances of one or more of the following 
predefined instructions in the guest operating system: PUSH CS, PUSH SS, MOV from SS, 
CALLF, VERR, VERW, and LAR; 

66. (original) A method for optimizing a guest operating system to improve processor 
virtualization when executing on x86 processor architectures and their equivalents, including but 
not limited to the IA32 architecture, said method comprising: 

removing, replacing, or supplementing instances of one or more of the following 
predefined instructions in the guest operating system: PUSH CS, PUSH SS, MOV from SS, 
CALLF, VERR, VERW, and LAR; 

replacing CPUID instructions in the guest operating system with synthetic instructions 
(e.g., VMCPUID) that reads virtualized CPUID information; 

supplementing spin lock instructions in the guest operating system with synthetic 
instructions (e.g., VMSPLAF) for determining when a spin lock acquisition has failed; 

replacing PUSHF(D) instructions in the guest operating system with synthetic 
instructions (e.g., VMPUSHFD) for pushing IF onto a stack; 

replacing POPF(D) instructions in the guest operating system with synthetic instructions 
(e.g., VMPOPFD) for popping IF off of a stack; 

replacing SGDT instructions in the guest operating system with synthetic instructions 
(e.g., VMSGDT) for storing a current GDT base and length to EAX; 

replacing SLDT instructions in the guest operating system with synthetic instructions 
(e.g., VMSLDT) for storing a current LDT selector to EAX; 

replacing SIDT instructions in the guest operating system with synthetic instructions 
(e.g., VMSIDT) for storing a current IDT base and length to EAX; 

replacing STR instructions in the guest operating system with synthetic instructions (e.g., 
VMSTR) for storing the current TR selector to EAX;

replacing CLI instructions in the guest operating system with synthetic instructions (e.g.,
VMCLI) for clearing a virtualized IF; 

replacing STI instructions in the guest operating system with synthetic instructions (e.g., 
VMSTI) for setting a virtualized IF. 
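
Claims 10 and 28 depend on instruction length: a site can be overwritten in place with a jump only if the jump fits inside it. The following is an added example, not part of the filing, that shows the length check and the displacement arithmetic on a constructed byte buffer. It assumes the patch is the five-byte near JMP rel32 (opcode E9); `patch_with_jmp`, `read_rel32` and the buffer layout are hypothetical, and only the `0F C7 C8 01 00` encoding is taken from the claims.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define JMP_REL32_LEN 5 /* opcode E9 + 32-bit displacement (assumed patch form) */

/* Constructed sample: 1-byte CLI, NOP, the 5-byte encoding from the claims,
 * RET, padding, and a stand-in handler (RET) at offset 16. */
uint8_t sample_code[20] = {
    0xFA, 0x90, 0x0F, 0xC7, 0xC8, 0x01, 0x00, 0xC3,
    0x90, 0x90, 0x90, 0x90, 0x90, 0x90, 0x90, 0x90,
    0xC3, 0x90, 0x90, 0x90
};

/* Overwrite the insn_len-byte instruction at offset `site` with a JMP rel32
 * to offset `target`. Returns 0 on success, -1 if the site is shorter than
 * five bytes (the jump would clobber the next instruction) or out of range. */
int patch_with_jmp(uint8_t *code, size_t code_len, size_t site,
                   size_t insn_len, size_t target)
{
    if (insn_len < JMP_REL32_LEN)
        return -1;
    if (site > code_len || insn_len > code_len - site || target >= code_len)
        return -1;
    /* The displacement is relative to the byte after the 5-byte JMP. */
    int32_t rel = (int32_t)((int64_t)target - (int64_t)(site + JMP_REL32_LEN));
    code[site] = 0xE9;
    for (int i = 0; i < 4; i++) /* little-endian rel32 */
        code[site + 1 + i] = (uint8_t)((uint32_t)rel >> (8 * i));
    /* Fill any bytes left over from a longer instruction with NOPs. */
    memset(code + site + JMP_REL32_LEN, 0x90, insn_len - JMP_REL32_LEN);
    return 0;
}

/* Read back the displacement of a JMP rel32 written at `site`. */
int32_t read_rel32(const uint8_t *code, size_t site)
{
    uint32_t v = 0;
    for (int i = 0; i < 4; i++)
        v |= (uint32_t)code[site + 1 + i] << (8 * i);
    return (int32_t)v;
}

int main(void)
{
    size_t n = sizeof sample_code;
    printf("CLI site (1 byte): %d\n", patch_with_jmp(sample_code, n, 0, 1, 16));
    printf("5-byte site:       %d\n", patch_with_jmp(sample_code, n, 2, 5, 16));
    printf("rel32 written:     %d\n", (int)read_rel32(sample_code, 2));
    return 0;
}
```

The one-byte CLI at offset 0 is rejected and left untouched, while the five-byte site at offset 2 takes the jump without disturbing the RET that follows it.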


